Skip to main content
getbased is built on one principle: your health data belongs to you and no one else. By default, your lab results, DNA data, wearable history, and AI conversations stay in your browser’s local storage and IndexedDB. There is no account and no sign-up. Data leaves your browser only when you choose a feature that needs it: sending obfuscated lab text to an AI provider, enabling encrypted cross-device sync, creating a password-protected profile share link, or enabling Agent Access for a local MCP agent. In encrypted modes, the hosted service stores or forwards ciphertext rather than readable health data.

Where your data lives

During normal local use, profile data such as lab entries, context cards, notes, supplements, genetics, wearable summaries, and chat threads is stored in two browser-native storage areas:
  • localStorage for profile data, settings, and app state
  • IndexedDB for wearable time-series rows, knowledge base vectors, and backup snapshots
Clearing your browser data will erase your local getbased data, so use the export and backup features to keep copies you control. Opt-in network features such as AI providers, sync, profile sharing, and Agent Access are covered below.

Encryption at rest

By default, data is stored unencrypted in your browser’s local storage. Other websites cannot read it, but someone with access to your device, browser profile, or malicious extensions may be able to. For an extra layer of protection, you can enable AES-256-GCM encryption at rest from Settings → Data → Security. When active, your data is encrypted with a key derived from your passphrase via PBKDF2 before being written to storage. See Encrypt your data for setup instructions and passphrase requirements.

PII stripped before AI sees your labs

When you import a lab PDF, getbased runs a two-stage obfuscation pass before the text reaches any AI provider:
  1. Regex scan (always on) — detects and replaces known PII patterns: name, address, date of birth, SSN/patient ID, email, phone, and common US lab identifiers (Specimen ID, Accession No, MRN).
  2. Local AI obfuscation (opt-in) — a language model running on your own machine reads the full PDF text and replaces personal information contextually, catching edge cases the regex misses. Enable it in Settings → Privacy → Configure Local AI. Nothing leaves your device during this step.
What the AI provider receives: only the anonymized lab text — marker names, values, units, and collection dates. Never your name, address, or any identifier.
Even with PII obfuscation active, the anonymized text is sent to your configured AI provider (OpenRouter, Venice, Routstr, or PPQ) over HTTPS. If you want zero network transmission at any step, use a local AI server as both your PII model and your main AI provider.

AI provider options and what they see

getbased supports multiple AI backends. The privacy implications differ by provider:
ProviderWhat they receiveNetwork?
PPQ / Routstr / OpenRouterObfuscated lab text over HTTPSYes
Venice AI (standard)Obfuscated lab text over HTTPS, no-log policyYes
Venice AI (E2EE)Ciphertext — decrypted only inside a TEEYes, encrypted
PPQ Private TEEBrowser-encrypted request body — decrypted only inside a verified Tinfoil secure enclaveYes, encrypted
Local AI (Ollama, LM Studio, Jan)Nothing leaves your deviceNo

Venice end-to-end encryption

When you enable E2EE on the Venice provider, your prompts are encrypted in the browser before transmission using ECDH (secp256k1) key exchange with the model’s Trusted Execution Environment (TEE) attestation key, HKDF-SHA256 key derivation, and AES-256-GCM message encryption. The prompt is designed to be decrypted only inside a verified Intel TDX enclave, so Venice’s normal servers should not see the plaintext prompt. getbased verifies TEE attestation (nonce binding, signing key binding, debug mode rejection) before establishing each session. A 🔒✓ indicator in the chat header confirms attestation passed.

PPQ Private TEE mode

PPQ Private TEE mode gives you encrypted prompt handling without requiring you to run your own proxy. getbased verifies the private endpoint, encrypts the request in your browser, sends ciphertext to PPQ’s private API, and shows lock/attestation status in chat. Web search is disabled in private mode so prompts do not leak into external search tools.

Fully local AI

Connect any OpenAI-compatible server (Ollama, LM Studio, Jan, llama.cpp) in Settings → AI → Local AI. When a local server is your active provider, nothing leaves your device at any point during a chat or PDF import.

Cross-device sync

Cross-device sync is entirely opt-in. When you enable it, an Evolu CRDT engine encrypts your data with a key derived from a 24-word mnemonic before it reaches the relay server. The relay only ever stores encrypted blobs. See Sync across devices for setup details.

Profile sharing

Profile sharing is opt-in. When you create a share link, getbased locks a copy of the selected profile in your browser with the password you choose or generate, then uploads only that locked copy. The password is not added to the link and is not stored by getbased. Anyone who has both the link and the password can import the shared profile until the link expires or you stop sharing it. See Profile sharing for the full workflow and limitations.

Agent Access

Agent Access is opt-in and separate from cross-device sync. When enabled, your browser encrypts a compact agent context with GETBASED_AGENT_CONTEXT_KEY, then pushes only the encrypted envelope to the context gateway. GETBASED_TOKEN authorizes relay reads, but it is not the decryption key. Your local MCP client fetches the ciphertext and decrypts it locally. See Connect getbased to external AI assistants for setup and revocation. On first launch, getbased shows a Terms & Privacy gate before the normal tour, changelog, backup nudges, or other startup prompts. The acceptance record is stored locally in your browser with the Terms and Privacy version dates. If either document version changes, getbased asks you to accept the updated versions again on that browser. The hosted app may collect anonymous cookieless usage stats for product health. The first-run notice and Settings → Privacy → Anonymous Usage Stats explain the boundary: no IP address, no health data, no profile contents, no AI messages. You can disable usage stats at any time.

No account or identity tracking

getbased has no user accounts, no login, and no cookies tied to your identity. The app is open source — you can verify every claim on GitHub.

Data portability

You own your data and can take it with you at any time:
  • JSON export — download a full plaintext copy from Settings → Data → Export. See Export and import.
  • Profile sharing — create a temporary password-protected link for one profile. See Profile sharing.
  • Agent Access — share an encrypted summary with your own MCP-compatible agent. See Agent Access.
  • Folder backup — auto-save daily snapshots to any local folder, Proton Drive, or Dropbox. See Backup.
  • Cross-device sync — move data to a new device without exporting a file. See Sync across devices.

Tor access

getbased is accessible over Tor at its .onion address. When you access the app via Tor, the sync relay automatically switches to its .onion WebSocket address so all traffic stays within the Tor network.